If you have an Azure SAS token that is not working, it is good idea to parse it and understand what permissions and values it contains.
This is a JavaScript code that uses Regular Expression to parse he SAS token, and an running example where you can try your own SAS token.
1var paramNames = {
2 sig: 'cryptographic signature',
3 st: 'start time',
4 se: 'end time',
5 spr: 'protocol',
6 srt: 'resource types',
7 sv: 'version',
8 sp: 'permissions',
9 ss: 'services'
10};
11
12let valueLookups = {
13 sp : {
14 r: 'read', d: 'delete', w: 'write', l: 'list', a: 'add',
15 c: 'create', u: 'update', p: 'process', f: 'filter'
16 },
17 srt: {
18 s: 'service', c: 'container', o: 'object'
19 },
20 ss : {
21 b: 'blob', f: 'file', q: 'queue', t: 'table'
22 }
23}
24
25let valueConvertor = (key, inputValue) =>
26 valueLookups[key] ? [...inputValue].map(x => valueLookups[key][x] || x)
27 : inputValue;
28
29function parseData(sasToken) {
30 let regExpressionPattern = /[?&]([a-z]*)=([^\&]*)/g;
31 var parameters = [...sasToken.matchAll(regExpressionPattern)];
32const finalObject = parameters.reduce((acc, row) => {
33 return {...acc, [paramNames[row[1]] || row[1]]: valueConvertor(row[1], row[2])}
34}, {});
35
36
37var outputObject = ParseData(inputSasToken);
38
39// The output object will be in the format
40{
41 "version":"2021-06-08",
42 "services":["blob","file","queue","table"],
43 "resource types":["service","container","object"],
44 "permissions":["read","write","delete","list","add","create","update","process","i","y","t","filter","x"],
45 "end time":"2023-02-04T03:03:37Z",
46 "start time":"2023-02-03T19:03:37Z",
47 "protocol":"https",
48 "cryptographic signature":"..jhh"
49}
Try it for yourself:
See the Pen Untitled by Ghassan Karwchan (@gkarwchan) on CodePen.